The following is a description of the elements, types, and attributes that compose the HP-UX specific tests found in Open Vulnerability and Assessment Language (OVAL). Each test is an extension of the standard test element defined in the Core Definition Schema. Through extension, each test inherits a set of elements and attributes that are shared amongst all OVAL tests. Each test is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core Definition Schema is not outlined here.
The OVAL Schema is maintained by The MITRE Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.
From /usr/bin/getconf. See getconf manpage for specific fields
Child Elements Type MinOccurs MaxOccurs object oval-def:ObjectRefType 1 1 state oval-def:StateRefType 0 unbounded
Child Elements Type MinOccurs MaxOccurs parameter_name oval-def:EntityObjectStringType 1 1 pathname oval-def:EntityObjectStringType 1 1
Child Elements Type MinOccurs MaxOccurs parameter_name oval-def:EntityStateStringType 0 1 pathname oval-def:EntityStateStringType 0 1 output oval-def:EntityStateStringType 0 1
From /usr/sbin/swlist -l patch PHxx_yyyyy. See swlist manpage for specific fields
Child Elements Type MinOccurs MaxOccurs object oval-def:ObjectRefType 1 1 state oval-def:StateRefType 0 unbounded
Child Elements Type MinOccurs MaxOccurs behaviors hpux-def:Patch53Behaviors 0 1 swtype oval-def:EntityObjectStringType 0 1 area_patched oval-def:EntityObjectStringType 0 1 patch_base oval-def:EntityObjectStringType 0 1
Child Elements Type MinOccurs MaxOccurs swtype oval-def:EntityStateStringType 0 1 area_patched oval-def:EntityStateStringType 0 1 patch_base oval-def:EntityStateStringType 0 1
The Patch53Behaviors complex type defines a number of behaviors that allow a more detailed definition of the patch53_object being specified. Note that using these behaviors may result in some unique results. For example, a double negative type condition might be created where an object entity says include everything except a specific item, but a behavior is used that might then add that item back in.
Attributes:
- supersedence n/a (optional -- default='false')
| Deprecated As Of Version: 5.3 Reason: Replaced by the patch53_test. The patch_name entity was removed from the patch_object element, and replaced with the swtype, area_patched, and patch_base entities, because the patch_name element can be constructed from the swtype, area_patched, and patch_base entities. Likewise, the patch_name entity was removed from the patch_state element for the same reason. Also, a behaviors entity was added to the patch_object to allow the object to match both the original patch and any superseding patches. A new test was created to reflect these changes. See the patch53_test. Comment: This test has been deprecated and will be removed in version 6.0 of the language. |
From /usr/sbin/swlist -l patch PHxx_yyyyy. See swlist manpage for specific fields
Child Elements Type MinOccurs MaxOccurs object oval-def:ObjectRefType 1 1 state oval-def:StateRefType 0 unbounded
| Deprecated As Of Version: 5.3 Reason: Replaced by the patch53_object. The patch_name entity was removed from the patch_object element, and replaced with the swtype, area_patched, and patch_base entities, because the patch_name element can be constructed from the swtype, area_patched, and patch_base entities. Also, a behaviors entity was added to the patch_object to allow the object to match both the original patch and any superseding patches. A new object was created to reflect these changes. See the patch53_object. Comment: This object has been deprecated and will be removed in version 6.0 of the language. |
Child Elements Type MinOccurs MaxOccurs patch_name oval-def:EntityObjectStringType 1 1
| Deprecated As Of Version: 5.3 Reason: Replaced by the patch53_state. The patch_name entity was removed from the patch_state element, and replaced with the swtype, area_patched, and patch_base entities, because the patch_name element can be constructed from the swtype, area_patched, and patch_base entities. A new state was created to reflect these changes. See the patch53_state. Comment: This state has been deprecated and will be removed in version 6.0 of the language. |
Child Elements Type MinOccurs MaxOccurs patch_name oval-def:EntityStateStringType 0 1 swtype oval-def:EntityStateStringType 0 1 area_patched oval-def:EntityStateStringType 0 1 patch_base oval-def:EntityStateStringType 0 1
Output of /usr/sbin/swlist command. Note: A quick way to check for the installation of a specific fileset is to use the command 'swlist -a version -l fileset filesetname'. See manpage for swlist for explanation of additional command options.
Child Elements Type MinOccurs MaxOccurs object oval-def:ObjectRefType 1 1 state oval-def:StateRefType 0 unbounded
Child Elements Type MinOccurs MaxOccurs swlist oval-def:EntityObjectStringType 1 1
Child Elements Type MinOccurs MaxOccurs swlist oval-def:EntityStateStringType 0 1 bundle oval-def:EntityStateStringType 0 1 fileset oval-def:EntityStateStringType 0 1 version oval-def:EntityStateStringType 0 1 title oval-def:EntityStateStringType 0 1 vendor oval-def:EntityStateStringType 0 1
This test allows for analysis of account settings in trusted HP-UX installations
Child Elements Type MinOccurs MaxOccurs object oval-def:ObjectRefType 1 1 state oval-def:StateRefType 0 unbounded
Child Elements Type MinOccurs MaxOccurs username oval-def:EntityObjectStringType 1 1